Bluebox Security, the firm where the two researchers work, found that the flaw in the Android system allows malware apps to pass fake credentials to Android, which fails to properly verify the app’s cryptographic signature. Because of this flaw, hackers can create a malicious application which is installed by the user, ultimately allowing the application to “trick the system into giving it…full control of the device, with access to the user’s financial data, contacts and other private information, even data stored in the cloud,” as AppleInsider describes.

Bluebox reported the problem to Google in April and has provided all device partners with a solution. However, devices that have not been updated with the latest version of the operating system remain at risk – which Jeff Forristal, BlueBox’s CTO, believes could amount to 99 percent of all Android.

This year has seen a number of security breaches and companies are becoming increasingly aware of the dangers this could pose to their public image. In May, for example, Target’s former CEO, Gregg Steinhafler, resigned after hackers entered the company’s database. The Heartbleed Bug was also a significant security breach this year that affected millions of individuals and companies across the globe.